ericlaw Quick Introductions Eric Lawrence ericlaw Why Bad guys Government snoops Nonneutral networks Gogo corporate Value adding providers Rewards Increased user trust ID: 697726
Download Presentation The PPT/PDF document "HTTPS in 2015 Eric Lawrence" is the property of its rightful owner. Permission is granted to download and print the materials on this web site for personal, non-commercial use only, and to display it on your personal computer provided you do not modify the materials and that you retain all copyright notices contained in the materials. By downloading content from our website, you accept the terms of this agreement.
Slide1
HTTPS in 2015
Eric Lawrence
@
ericlawSlide2
Quick Introductions
Eric Lawrence
@
ericlawSlide3
Why?
Bad guys
Government snoops
Non-neutral networks
(
Gogo
, corporate)
“Value
adding providers”
Rewards
Increased user trust
Better search ranking
More reliable egress (HTTP2; WebSocket)Slide4
The Stack
Your Client Browser
HTTP
SSL/TLS
TCP
IPSlide5
HTTPS Provides…
Authentication
Confidentiality
IntegritySlide6
How?
Public Key Infrastructure for certificate chains
Public Key Cryptography for key exchanges
Symmetric Cryptography for data transfersSlide7
CertificatesSlide8
Hash Algorithms
MD5 busted
SHA1 heading that way
SHA256 entering mainstream in 2015Slide9
Validating the Certificate
Validate certificate signature
Validate it is within validity period
Validate it chains to trusted root
Validate
Subject
CN or
SubjectAltName
contains hostname of the target…
Wildcards
Check to see if it was revokedSlide10
Extended Validation SSL
BankoftheVVest.com phishing site
Domain validation and the race to the bottomSlide11
Ciphers, Hashes, and MACs oh my…Slide12
Initial HandshakeSlide13Slide14
SNI Extension
Break the
IPEndpoint
->Server mappingImportant to allow HTTPS virtual hosting
Not available on
WinXP
or Android < v2.3
Slide15Slide16
Forward Secrecy
If you can record ALL of the traffic…
And you’re using RSA…
And you can
ever
steal or crack the private key (at any point in the future…
Achieving Forward
Secrecy
Do not use the RSA key exchange, which does not provide forward secrecy. Instead, look
for the
string
ECDHE
or
DHE
in the cipher suite name.
RSA can be
used for
key
exchange
and
authentication
;
there is nothing wrong with the latter.
Slide17
Popular Ciphers
Triple-DES
RC4
AES
ChaCha
(new)Slide18
Revocation
CRL (Certificate Revocation List)
OCSP (Online Certificate Status Protocol)
Deployed
blocklistsSlide19
Certificate Pinning
Built-into browser
Distributed with security software like Microsoft EMET
New HTTP Public
Key Pinning header
https://
tools.ietf.org/html/draft-ietf-websec-key-pinning-21
Public-Key-Pins: pin-sha256="GHI..."; pin-sha256="JKL
..."; max-age=… report-
uri
=…;
includeSubDomainsSlide20
Certificate Transparency
http://www.certificate-transparency.org
/
Google
Chrome intends to require Certificate Transparency (CT) for all EV certificates issued
after 2014. A SCT “Signed Certificate Timestamp” is added to the certificate.Slide21
PerformanceSlide22
https://www.youtube.com/watch?v=0EB7zh_7UE4Slide23Slide24
Session Resumption
http://calendar.perfplanet.com/2014/speeding-up-https-with-session-resumption/Slide25
ECC Public Keys
ECC certificates offer
stronger security and smaller certificates
- e.g. a 256-bit ECC key is equivalent to a 3072-bit RSA key.
http
://arstechnica.com/security/2013/10/a-relatively-easy-to-understand-primer-on-elliptic-curve-cryptography/Slide26
Run Latest VersionsSlide27
I’m in!Slide28Slide29Slide30
Enabling HTTPS
for your site will be as easy as installing a small piece of certificate management software on the server:
https
://example.com
is immediately live
.
The Let’s Encrypt management software will:
Automatically prove to the Let’s Encrypt CA that you control the website
Obtain a browser-trusted certificate and set it up on your web server
Keep track of when your certificate is going to expire, and automatically renew it
Help you revoke the certificate if that ever becomes necessary
.
No validation emails, no complicated configuration editing, no expired certificates breaking your website. And of course, because Let’s Encrypt provides certificates for free, no need to arrange payment.Slide31
WebDev Errors
Critical Mistake #1: Non-HTTPS Login pages (even if submitting to a HTTPS page
).Slide32
WebDev Errors
Critical
Mistake #2: Mixing HTTP Content into a HTTPS pageSlide33
HSTSSlide34
HSTS
http://blogs.msdn.com/b/ieinternals/archive/2014/08/18/hsts-strict-transport-security-attacks-mitigations-deployment-https.aspx
Insecure references are upgraded
Certificate errors are fatal
Use
the HTTPS response header:
Strict-Transport-Security: max-age=63072000;
includeSubDomains
Or get on the browsers’ pre-load
list (avoid bootstrapping problem) Slide35
Fiddler Visualization
If there’s an exclamation point in the column, you’ve done something wrong!Slide36
Migration Guide
https://
t.co/0ORIlnp64Y
Chris
Palmer @
fugueish
Use STS
Use
Secure
attribute on cookies
Protocol-relative URLs
Run the
Qualys
SSLLabs
Server testSlide37
SSLLabsSlide38
HTTPS
all
the Things!Slide39
Best Practice
Secure everything. It’s very hard to predict future attack scenarios.
Yes, really.Slide40
HTTP Content indicatorSlide41
HTTP Content indicatorSlide42
Not Just Browsers…Slide43
HacksSlide44Slide45Slide46Slide47
HTTPS Traffic Analysis
Source IP
Destination IP
Server Name (via SNI)Higher-level protocol (via ALPN)
Client Certificates (if sent before encryption)Slide48Slide49
Implementation Issues
Truncation
Compression
Clickthrough UISlide50
Implementation Issues
Truncation
Compression
Clickthrough UISlide51
Implementation Issues
Truncation
Compression
Clickthrough UISlide52
MITM/MITB AttacksSlide53
MITM/MITB AttacksSlide54
Extended Validation Won’t HelpSlide55Slide56Slide57
Heartbleed
http://xkcd.com/1354/Slide58
Sometimes, you do attack the cryptoSlide59
Crypto Deep Dive later this morning…Slide60
Book: Bulletproof SSL and TLS
https://www.feistyduck.com/books/bulletproof-ssl-and-tls/
Coupon Code for 25% off
CODEMASH
Valid
January
1st to 31st
Free Chapter:
https
://www.feistyduck.com/books/openssl-cookbook/Slide61
Thanks for coming!
Questions?
Find me on Twitter:
@
ericlaw
Email me:
e_Lawrence@hotmail.com
Go forth and secure all the things!Slide62
See how lightsabers
are built…Slide63
Combatting breach?Slide64